Last week we were honored to team up with the FBI (in partnership with the Cyber Center of Excellence (CCOE)) and Biocom on behalf of our biotech heros. The team hosted an exclusive executive-level briefing on cybersecurity specifically tailored to San Diego’s life sciences industry. This Biocom-member webinar contained an overview of the security challenges companies are facing in 2020 and beyond. In addition to industry-specific advice and an overview of current insider threats, the FBI left us with the following FBI cybersecurity resources and covid-19 recommendations.
Cybersecurity Best Practices Handout
This handout gives a list of the top best cybersecurity practices.
- Network: High-level best practices for backups, policies, system and software permissions, and other network considerations.
- Email Security: These top email security tips help give end-users the awareness they need to protect themselves from bad actors targeting them through email.
- Web Activity Tips for Employees: Safe web activity begins with following these four best practices. Download Cyber Security Best Practices 2020
CEO & Wire Transfer Fraud Checklist
This checklist contains a list of immediate actions victims of CEO or Wire Transfer Fraud can take. Also known as Business Email Compromise (BEC), this type of cyber crime uses email fraud to negatively impact a target organization. BEC is the biggest scam currently affecting the US and is responsible for nearly $1.8B in victim losses in 2019. Download BEC Checklist
In case of an incident, immediately call your local FBI contact or logon to www.ic3.gov and file a report.
Criminals and Nation-State Cyber Actors Conducting Widespread Pursuit of US Biological and COVID-19 Related Research
This Private Industry Notification (PIN 20200521-001) details data collected about the increase in criminal and cyber activities targeting US biological and COVID-19 related research. Download Notification
Additional information about Covid-19-related scams can be found at: https://www.fbi.gov/coronavirus
Ransomware Prevention and Response for CEOs
Ransomware Prevention and Response for CEOs provides a high-level introduction to ransomware. It describes what ransomware is, how to protect networks from ransomware, and how to respond to ransomware in the case of an incident.
Safe Travel Practices
- State Department’s Travel Advisories: Review current advisories prior to any international travel.
- Safety and Security for the Business Professional Traveling Abroad: This brochure highlights critical safety and security steps to follow during different parts of an international trip.
- Use ‘Burner laptops’ or Travel Laptops: Executives or specialized staff may be targeted when traveling to unfriendly countries. Data security increases when travelers use a travel laptop instead of their primary system. These devices can be screened and erased upon returning home.
- Travel-approved Items/Materials: Always follow airline guidelines about what you can bring with you on the plane. Additionally, educate yourself about any restrictions in the places you are visiting or upon returning home. Be aware of individuals providing you with restricted materials for the purpose of being stopped by authorities for possessing those materials.
Outreach Programs to Keep You Informed
The mission of the FBI is to protect the American people and uphold the constitution of the US. They collect intelligence and share indicators of compromise with US organizations in order to protect the country as a whole. Here are different ways of accessing these resources and FBI outreach programs. Use these resources to inform your organization about the current threat landscape.
- Executive Briefing Series: The Executive Briefing Series summarizes the current threats business leaders can expect to target their organizations.
- Community Outreach Programs
- Junior Agent program
- Teen Academy
- Citizens Academy
- InfraGard: InfraGard is a partnership between the FBI and members of the private sector. It is free, and offers you the opportunity to partner with peers in your territory and the FBI. You also will receive intelligence classified at the FOUO (FOR OFFICIAL USE ONLY) level and training in cyber and physical security.
- FBI Relationships
- San Diego Cyber Center of Excellence (CCOE)
- Local FBI contacts: Call your local FBI BEFORE an incident so the relationship is in place in case of an attack. Add the contact information to your business continuity plan and update your crisis communication messaging appropriately.
These FBI cybersecurity resources and covid-19 recommendations are a starting point for any organization reviewing their security policies and procedures. For assistance ensuring your networks are following safe practices, contact your IT provider and ask about your options.